Testing In-Store Devices for Network Cybersecurity Vulnerabilities

Concerns about store visitors using display models to compromise its networks leads to a SecureWorks engagement

When millions of U.S. consumers visit the stores of their local wireless telecommunications providers each day, they pick up the various smartphones on display trying them out, calling out to their own current phones or surfing the web.

Could hackers use those mobile devices to break into a wireless carrier’s networks, too?

That’s the question one rural wireless carrier wanted answered. Given that the wireless carrier needed to test a specific attack vector, SecureWorks recommended Advanced Penetration Testing, a method that uses an approach tailored to the client’s requirements utilizing sophisticated techniques in its comprehensive effort to break through a company’s cyberdefenses.

The SecureWorks team performed the Advanced Penetration Test by applying a range of advanced attack protocols, using state-of-the-art hacking tools to seek access to the wireless carrier’s internal networks. In the store selected for the test, the SecureWorks team used a variety of mobile devices on display, both smartphones and tablets that feature iOS and Android operating systems.

The results of the testing effort showed that the wireless carrier’s network cyberdefenses could protect its internal networks from an in-store attack initiated by a store visitor using a display device. This validation of its protection from this particular attack vector gave the company assurance that the risk of an in-store hack is virtually nil and provided additional evidence for auditors that its efforts to comply with PCI standards exceed what is typically seen at other companies.